|
296741
|
- |
|
emc
|
rsa_authentication_agent
rsa_authentication_client
|
The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote a…
|
CWE-287
Improper Authentication
|
CVE-2012-2287
|
2024-11-21 10:38 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296742
|
- |
|
peter_kovacs
|
timesheet_next_gen
|
Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2012-2105
|
2024-11-21 10:38 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296743
|
- |
|
flexcms
|
flexcms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to (1) hijack the authentication of users for requests that change account settings via …
|
CWE-352
Origin Validation Error
|
CVE-2012-1901
|
2024-11-21 10:38 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296744
|
- |
|
sami_kiminki
|
redirecting_click_bouncer
|
Open redirect vulnerability in the Redirecting click bouncer module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2012-2062
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296745
|
- |
|
nijskens_raf
|
admintools
|
Cross-site request forgery (CSRF) vulnerability in the Admin tools module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors involving "not che…
|
CWE-352
Origin Validation Error
|
CVE-2012-2061
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296746
|
- |
|
nijskens_raf
|
admintools
|
Cross-site scripting (XSS) vulnerability in the Admin tools module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2060
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296747
|
- |
|
steve_lockwood
|
ticketyboo_news_ticker
|
Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2059
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296748
|
- |
|
paypal
|
ubercart_payflow
|
The Ubercart Payflow module for Drupal does not use a secure token, which allows remote attackers to forge payments via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2058
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296749
|
- |
|
miura
|
ubercart_bulk_stock_updater
|
Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk Stock Updater module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors re…
|
CWE-352
Origin Validation Error
|
CVE-2012-2057
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296750
|
- |
|
nathan_brink
|
content_lock
|
Cross-site request forgery (CSRF) vulnerability in the Content Lock module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-2056
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
